Skip to content
cyber news Page 12

cyber news

Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks

Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks

Nov 29, 2024Ravie LakshmananCybercrime / Cloud Security Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an aim to steal Microsoft 365 account credentials. “This campaign employs… 

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Nov 29, 2024Ravie LakshmananAI Security / Cloud Security Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited… 

U.S. Citizen Sentenced for Spying on Behalf of China’s Intelligence Agency

U.S. Citizen Sentenced for Spying on Behalf of China’s Intelligence Agency

Nov 29, 2024Ravie LakshmananCorporate Espionage / National Security A 59-year-old U.S. citizen who immigrated from the People’s Republic of China (PRC) has been sentenced to four years in prison for conspiring to act as a… 

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Nov 28, 2024Ravie LakshmananIoT Security / Vulnerability Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code… 

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

Nov 28, 2024Ravie LakshmananWindows Security / Cryptomining A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting over 17,000 systems since at least June 2024.… 

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

Nov 28, 2024Ravie LakshmananNetwork Security / Cyber Espionage U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data… 

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched… 

Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels

Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels

Nov 27, 2024Ravie LakshmananLinux / Malware Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who…